Public SectorData LeakageChatbotHigh

CISA Acting Director uploads sensitive documents to public ChatGPT instance

CISA Acting Director Madhu Gottumukkala inadvertently exposed sensitive but unclassified government contracting documents by uploading them to a public ChatGPT instance. The breach was detected by internal security sensors and led to a DHS-level damage assessment.

Cybersecurity and Infrastructure Security Agency (CISA) · Incident Jul 15, 2025 · Indexed Jun 22, 2026 · 3 sources

The acting head of the nation's cyber defense agency bypassed secured federal AI tools to use a public instance, risking the exposure of sensitive government data.

Key facts

What
CISA Acting Director Madhu Gottumukkala inadvertently exposed sensitive but unclassified government contracting documents by uploading them to a public ChatGPT instance.
Incident date
Jul 15, 2025
Who
Cybersecurity and Infrastructure Security Agency (CISA)
Failure mode
Data Leakage
AI surface
Chatbot
Severity
High

What happened

Acting Director Madhu Gottumukkala uploaded sensitive government contracting documents marked for official use only into a public version of ChatGPT in mid-July 2025. The uploads triggered multiple automated security warnings within CISA's monitoring infrastructure in early August. DHS leadership subsequently conducted a damage assessment to evaluate the risk to government security.

What broke inside the model

Failure path · mode profile · Data Leakage
  1. 01 · TriggerA request triggers retrieval or context loading.
  2. 02 · Model stepThe context pulls in another user's content.
  3. 03 · Control gapNo boundary enforces isolation at the moment of output.
  4. 04 · FailurePrivate data crosses into the response.
  5. 05 · ConsequenceOne user sees another's data, and disclosure follows.

One user's content crosses the retrieval boundary into another's response.

The failure occurred because a public AI tool was used for processing sensitive government data, which lacks the isolated environment required for for official use only material. Public ChatGPT instances store user-submitted content to improve model responses, creating a risk of data exfiltration to a commercial third party.

What it cost

Public visibilityHigh
Regulatory exposureActive
Customer impactFew customers
Financial impactUnknown
Time to disclosureMonths

Sources

  1. PressTrump’s acting cyber chief uploaded sensitive files into a public version of ChatGPTpolitico.com
  2. PressCISA Chief Accidentally Uploads Sensitive Government Documents to Public ChatGPTcyberpress.org
  3. PrimaryGrassley to CISA - ChatGPTgrassley.senate.gov

Cite this entry

Permalinkhttps://failureindex.ai/failures/cisa-acting-director-uploads-sensitive-documents
CitationAI Failure Index. "CISA Acting Director uploads sensitive documents to public ChatGPT instance" (FI-0620). Realm Labs. https://failureindex.ai/failures/cisa-acting-director-uploads-sensitive-documents (indexed Jun 22, 2026).
Share cardA branded image of this record for posts and slides.

Data fields CC-BY 4.0, prose citation permitted. Incident ID FI-0620. Full dataset at /data.

Note from Realm Labs, the Index steward

How Realm would have caught this

Controls for this failure mode
  • Prism
  • OmniGuard
  • AI Detection & Response (AIDR)

Realm can detect when a response is about to emit data that falls outside the bounds of the current user and context, and block or redact it inline, at the moment of generation rather than after the data has left.

Book a Demo

Related failures

Other records that share this failure mode (Data Leakage) or industry (Public Sector).

FI-0587Public SectorLow
Hallucination

Procureur général du Canada sanctioned pro se litigant for AI fabricated case law

A self-represented litigant in Canada was sanctioned by the Federal Court for submitting fabricated case law generated by AI. The court emphasized that citing non-existent sources is a serious matter that undermines the administration of justice.

Confidence
High (multi-source, primary)
Procureur général du Canada3 sourcesCourt FilingPublicJun 2026
FI-0580Public SectorHigh
Hallucination

City of Aberdeen legal team sanctioned for First Drafts AI hallucinations

Lawyers in the case Withers v. City of Aberdeen used AI to file documents containing fabricated case law. The court imposed an $8,000 fine and disqualified several attorneys after discovering the hallucinations.

Confidence
High (multi-source, primary)
City of Aberdeen3 sourcesPrimaryPublicJun 2026
FI-0452Public SectorMedium
Agentic Action Error

Ukrainian sea drone reportedly veers off course and explodes in Constanta port

On 2026-06-05 a naval/sea drone reportedly linked to Ukraine exploded in the Romanian port of Constanta after veering off course. Ukrainian officials told reporters the drone lost control following alleged electronic jamming; authorities say the area was secured and there were no injuries. Multiple independent news outlets reported the incident the same day.

Confidence
Medium (multi-source)
Ukrainian Navy (reported)4 sourcesPressPublicJun 2026